View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0005819||CentOS-6||bind||public||2012-07-11 11:34||2012-07-17 14:48|
|Target Version||Fixed in Version|
|Summary||0005819: dnssec stopped to work after named upgrade|
|Description||(6.3 in product version missing)|
dnssec stopped to work after named upgrade from 6.2 -> 6.3 on two servers.
I cant figure out why. I have my named chrooted.
Also an error is displayed when named are started:
# /etc/init.d/named start
ls: cannot access /var/named/chroot/etc/named: No such file or directory
mount: mount point /var/named/chroot/etc/named does not exist
Starting named: [ OK ]
As a workaround, to be able to resolve anything at all, I have turned off
dnssec. Its not just dnssec enabled zones that I cant resolve its EVERYTHING.
Just gets SERVFAIL.
|Steps To Reproduce||Update from 6.2 to 6.3|
|Tags||No tags attached.|
Got dnssec to work if I changed from
However, the error when starting named is still there.
named works however.
bah, it stopped to work after the virt was suspended and enabled again.
Jul 11 20:27:28 gotcha named: error (must-be-secure) resolving 'dlv.isc.org/DNSKEY/IN': 2001:500:2c::254#53
Jul 11 20:27:28 gotcha named: validating @0x7f9a3c015990: dlv.isc.org DNSKEY: must be secure failure, . is under DLV (startfinddlvsep)
I have disabled dnssec again.
|An interesting note: Exactly this problem with dnssec happend for an other person that used bind 9.8.1-P1 (ubuntu 12.04). I guess something in bind is BROKEN.|